Explore EPID Attestation to Enhance Enclave Security

Intel® SGX Attestation Service Utilizing Enhanced Privacy ID (EPID)

The Intel SGX attestation service is a public web service operated by Intel for client-based, privacy-focused usages on PCs or workstations. The primary responsibility of the Intel SGX attestation service is to verify attestation evidence submitted by relying parties. The Intel SGX attestation service utilizes Enhanced Privacy ID (EPID) provisioning, in which an Intel processor is given a unique signing key belonging to an EPID group. During attestation, the quote containing the processor’s provisioned EPID signature is validated, establishing that it was signed by a member of a valid EPID group. A commercial use license is required for any SGX application running in production mode that accesses the Intel SGX attestation service.

Intel plans to end of life (EOL) the Intel SGX Attestation Service on April 2, 2025. This would include all active API versions. Please factor this into your engagement plans (reference this link for additional details and Intel-offered attestation alternatives). As previously planned and communicated, Intel has limited access to the IAS Development (DEV) environment as of September 29, 2024.

The Intel® SGX Services and Intel® TDX Services Terms of Use govern your use of these services except where we expressly state that separate terms (and not these) apply. By using our services, you are agreeing to these terms. Make sure you read them carefully.

API Documentation

Attestation Report Root CA Certificate: available in DER and PEM formats